PinePhone's modem is isolated through USB. I don't know about other components, though.
Also as a matter of fact, permission control, unless you’re using flatpak/bwrap/firejail is actually better on Android than Linux. Plus long before the first usable part of Linux written in Rust was released, large parts of low level AOSP code were already rewritten in it.
I understand that, but none of that makes GNU/Linux insecure and that's what the GrapheneOS developer has claimed. They said it was insecure. I can't say if GrapheneOS is more secure than GNU/Linux, because I don't know enough about it or how libre it is, so I'm not arguing with that. It's possible that it is (I would have to check opinions of independent experts). My point was that those people can't be taken seriously if they make such ridiculous claims. I don't know if I can believe anything they say.
This person says that Android (a proprietary operating system) is more secure than GNU/Linux. Ridiculous. It's nice that Android has all those security features, but it's still proprietary, so can't be trusted. Keep in mind that he didn't just say GrapheneOS, which might be entirely free software, so unlike Android, it might have a chance to be secure.
PureOS also uses linux-libre. This will prevent the user from loading any proprietary firmware updates, which just so happens to be almost all of them.
I don't think this is true at all. The firmware in Librem 5 is stored on some separate chips and I think users can flash new firmware to them. But even if he was correct, I'm not entirely convinced that you get a security benefit from being able to change from one proprietary firmware version to another, since both those versions can't be trusted. I will need to read more about this at some point.
Then he says the same stupid thing about the killswitches and just like the GrapheneOS dev pretends that they have no benefit. I'm starting to wonder if they are the same person. Never mind, I can now see that he quotes him in his GNU/Linux article, so he is probably just repeating after that guy.
The microphone kill switch is useless since audio can still be gotten via the sensors (such as the gyroscope or accelerometer).
I doubt that. I'm pretty sure that in reality the audio levels you can get from those sensors is too low to be usable (unlike a microphone). Here is a fun fact that this person doesn't know about. The microphone killswitch on one of the PinePhone versions doesn't actually kill the microphone, it just disconnects the amplifier or something. So the microphone technically still works, but it's not gonna pick anything up, even if you yell directly at it. I know this, because people have figured it out from looking at the schematics and tested it.
The unorthodox way in which the Librem 5 attempts to isolate the modem is via the Linux kernel USB stack, which is not a strong barrier, as shown in the Linux article.
I can't find where he explains this, but I think the problem was that he just doesn't know about USBGuard. The author's two articles are full of errors or false information, they don't understand that proprietary systems can't be considered secure. I see no reason to trust their opinions on security.